Category: Security

Australia: the First Western Nation to “ban privacy”?

Creating keys to an encryption system, or, alternately, maintaining the encryption but forcing companies to create tools that allow them to attach a “stalker” to the system to monitor communications invisibly (the UK is proposing this method of surveillance, and the below Lawfare Blog post has more on this), automatically creates an enormous incentive for […]

Tracking the Hide and Seek Botnet

Hide and Seek (HNS) is a malicious worm which mainly infects Linux-based IoT devices and routers. The malware spreads via brute-forcing SSH/Telnet credentials, as well as some old CVEs. What makes HNS unique is that there’s no command and control server; instead, it receives updates using a custom peer-to-peer network created out of infected devices. […]

Global DNS Hijacking Campaign: DNS Record Manipulation at Scale

FireEye’s Mandiant Incident Response and Intelligence teams have identified a wave of DNS hijacking that has affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. While we do not currently link this activity to any tracked group, initial research suggests the actor […]

Hiding Through a Maze of IoT Devices?

In March 2018, Symantec reported on the Inception Framework abusing vulnerable UPnP services to hide themselves. What is UPnP? UPnP stands for Universal Plug and Play and is basically just a set of networking protocols that allow devices to discover each other on the LAN and use some network features (such as data sharing or entertainment) without any configuration (hence […]

DarkHydrus is launching attacks

DarkHydrus is launching attacks against targets in the Middle East. DNS tunneling is used for C2 communication.

Dropper: الفهارس.xlsm

VT link: https://www.virustotal.com/#/file/513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8/detection

C2: http://edgekey.live, http://akdns.live, http://trafficmanager.live, http://akamaized.live, http://akamaiedge.live

22 engines detected this file. SHA-256: 513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8. File size: 36.79 KB. Last analysis: 2019-01-09 08:33:50 UTC.

Vulnerabilities in systemd-journald

Extract from https://www.openwall.com/lists/oss-security/2019/01/09/3

Date: Wed, 9 Jan 2019 11:02:49 -0800
From: Qualys Security Advisory <qsa@…lys.com>
To: oss-security@…ts.openwall.com
Subject: System Down: A systemd-journald exploit

Qualys Security Advisory

System Down: A systemd-journald exploit

Contents: Summary; CVE-2018-16864 – Analysis – Exploitation; CVE-2018-16865 – Analysis – Exploitation; CVE-2018-16866 – Analysis – Exploitation; Combined Exploitation of CVE-2018-16865 and […]

Dark Web counterfeiting ring kept unencrypted customer lists.

Austrian police cracked a Dark Web counterfeiting ring. Police seized fake euros and a list of customers. The names, shipping addresses, and other details were stored in an unencrypted form on computers and on paper. Austrian officials provided the information to Europol, which organized a series of coordinated operations in more than a dozen countries. […]

Australia legislates the unlocking of encryption backdoors

The Australian government has scheduled its “not-a-backdoor” crypto-busting bill to land in parliament in the spring session, and we still don’t know what will be in it. The legislation is included in the Department of Prime Minister and Cabinet’s schedule of proposed laws to be debated from today (13 August) all the way into December. All we know, […]

Amazon policeware. Robocop 2019?

Amazon, if it wins the JEDI deal, could change the way in which government agencies procure advanced technology and process text, image, numeric, and video data. One immediate impact will be to force additional changes in how US government procurements for policeware, war fighting, and intelligence systems are handled. Furthermore, the traditional Federal supply chain […]

Introduction to Containers, VMs and Dockers

What are “containers” and “VMs”? Containers and VMs are similar in their goals: to isolate an application and its dependencies into a self-contained unit that can run anywhere. Moreover, containers and VMs remove the need for physical hardware, allowing for more efficient use of computing resources, both in terms of energy consumption and cost effectiveness. The […]
